Are autocomplete passwords safe?

Advertisers have found a new way to track you through the autocomplete password function in your web browser. According to Freedom to Tinker, a few advertising networks are using tracking scripts to capture the email addresses that you fill in on websites.

Why auto-fill passwords are so dangerous

When you save your username and password on a website, your password manager remembers them. From that point forward, it will attempt to automatically fill them into username and password boxes it sees on that website. This makes signing in faster, as you just have to click “Login”.

However, some third-party advertising scripts, utilise these scripts to track you. They run in the background and are invisible to the unsuspecting browser. The scripts create invisible login and password boxes which capture the credentials that your password manager has stored.

You need unique passwords for each website

This situation demonstrates the importance of using unique passwords on every website. Advertisers are currently using this technique to capture usernames and email addresses. However, there’s nothing stopping hackers from using the same scripts to obtain your details.

If your details have been entered into a website that has been compromised, it’s easy for hackers to access all your other accounts where the usernames and passwords are identical.

Password managers are essential

With all the different accounts the average person has online, and the frequency of cyber attacks, it’s imperative that you use a unique password for every site you visit. The best way to do that is with a password manager.

One simple security tip for today

You can mitigate some of your risk by disabling autofill in your password manager. Here’s how to do it:

Firefox users– Open the Options window, click Privacy, and under the History heading, select “Firefox will: Use custom settings for history.” In the new window, disable “Remember search and form history.”

Safari users– Open the Preferences window, select the Auto-fill tab, and turn off all the features related to usernames and passwords.

MiIT is currently expiring an outage with one of our upstream provision of voice services which has led to a disruption of these services. Our Team is currently working to try and resolve this issue as soon as possible.

Our first priority is to restore these services as soon as possible, we will then investigate and make available a full report on what has transpired.